<?php
//isers.php
$db = new dbquery;
$db2 = new dbquery;

if($_GET['action']=='profile')
{
	if($_SESSION['logged_in'])
	{
		$db = new dbquery;
		$db->query("SELECT * FROM $conf[prefix_users]users WHERE  id=$_SESSION[id]") or $db->err(__FILE__, __LINE__);
		$usr = $db->fetch_array();

		//generating list of themes
		$thm_o = get_theme_array();

		foreach($thm_o as $file) {
			$theme_options.='<option value="'.$file.'"';

			if($usr['theme'] == $file)
				$theme_options.=' SELECTED';

			$theme_options.='>'.$file.'</option>';
		}
		//

		//generating language_options
		$av_langs = get_lang_list();

		$db->query("SELECT * FROM $conf[prefix]lang WHERE name = 'langname'");
		$row = $db->fetch_assoc();

		$language_options='';
		foreach($av_langs as $l) {
			$language_options .= "<option value=\"$l\"";
			if($l == $usr['lang'])
				$language_options  .= ' selected';
			$language_options  .= ">$row[$l]</option>\n";
		}
		//

		//jeżeli jestobrazek to go wyswietl
		if(ereg('http:\/\/', $usr['avatar']) && $usr['avatar'])
			$image='<img src="'.$usr['avatar'].'" alt="" />';
		elseif(!ereg('http:\/\/', $usr['avatar']) && $usr['avatar'] && $usr['avatar']!='none')
			$image='<img src="'.$conf['avatar_upload'].$usr['avatar'].'" alt="" />';
		else
			$image='';
		//

		//auto-login checkbox
		if($usr['autologin'] == 1)
			$autologin = ' checked';
		else
			$autologin = NULL;

		if($usr['mailing'] == 1)
			$mailing = ' checked';
		else
			$mailing = NULL;

		$content = string_template(read_file('users_form.php'), array('admin'=>'', 'moderator_options'=>$moderator_options, 'user_id'=>$usr['id'], 'function'=>'user_edit', 'u_autologin' => $autologin, 'u_login' => read_text_rest($usr['login']), 'u_name' => read_text_rest($usr['name']), 'u_surname' => read_text_rest($usr['surname']), 'u_mail' => $usr[mail], 'u_gg' => read_text_rest($usr['gg']), 'u_icq' => read_text_rest($usr['icq']), 'u_o2' => read_text_rest($usr['o2']), 'u_website' => read_text_rest($usr['website']), 'u_location' => read_text_rest($usr['location']), 'u_signature' => read_text_edit($usr['signature']), 'theme_options' => $theme_options, 'language_options' => $language_options, 'image' => $image, 'u_mailing' => $mailing, 'anti_auto_fill'=>time(), 'avatar_description'=> string_template($GLOBALS['lang']['users']['avatar_description'], array('max_x'=>$conf['avatar_max_x'], 'max_y'=>$conf['avatar_max_y']))));
		$description = $GLOBALS['lang']['users']['preferences'];
	}
	else
	{
		$error=$GLOBALS['lang']['users']['error'.$_GET['error'].''];
		$content = string_template(read_file('login_form.php'), array('theme_path'=>$GLOBALS['theme_path'], 'error' => $error, 'site' => $_GET['site']));
		$description=$GLOBALS['lang']['users']['description'];
	}
} elseif($_GET['action'] == 'login') {
	$error=$GLOBALS['lang']['users']['error'.$_GET['error'].''];
	$content = string_template(read_file('login_form.php'), array('theme_path'=>$GLOBALS['theme_path'], 'error' => $error, 'site' => $_GET['site']));
	$description=$GLOBALS['lang']['users']['description'];
}
elseif($_GET['action'] == 'lost_password')
{
	$content = string_template(read_file('lost_password_form.php'), array('theme_path'=>$GLOBALS['theme_path']));
	$description=$GLOBALS['lang']['users']['lost_pass'];
}
elseif($_GET['action'] == 'register')
{
	if(!perms_check('users', 'register'))
	{
		redirect('index.php?module=error&error=auth_error');
		exit();
	}

	//generating list of themes
	$thm_o = get_theme_array();

	foreach($thm_o as $file) {
		$theme_options.='<option value="'.$file.'"';

		if($usr['theme'] == $file)
			$theme_options.=' SELECTED';

		$theme_options.='>'.$file.'</option>';
	}
	//

	//generating language_options
	$av_langs = get_lang_list();

	$db->query("SELECT * FROM $conf[prefix]lang WHERE name = 'langname'");
	$row = $db->fetch_object();
	$language_options=NULL;
	foreach($av_langs as $l) {
		$language_options .= '<option value="'.$l.'"';
		if($l == $usr['lang'])
			$language_options  .= ' selected ';
		$language_options  .= '>'.$row->$l.'</option>';
	}
	//

	$content=string_template(read_file('register_form.php'), array('language_options' => $language_options, 'theme_options' => $theme_options, 'anti_auto_fill'=>time(), 'avatar_description' => string_template($lang['avatar_description'], array('max_x' => $conf['avatar_max_x'], 'max_y' =>  $conf['avatar_max_y']))));
	$description=$GLOBALS['lang']['users']['register'];
}
elseif($_GET['action']=='thx') {
	$content=string_template($lang['register_thx_text'], array('name'=>$_GET['name']));
	$description=$lang['register_thx_description'];
}
elseif(!empty($_GET['user'])) {
	SQLvalidate($_GET['user']);

	$db->query("SELECT * FROM $conf[prefix_users]users WHERE id = ".$_GET['user']) or $db->err(__FILE__, __LINE__);
	$usr = $db->fetch_object();

	if($db->num_rows() == 0) {
		redirect('index.php?module=error&action=users&error=error1');
		exit;
	}
	elseif($usr->active == 0) {
		redirect('index.php?module=error&action=users&error=error4');
		exit;
	}

	if($usr->avatar != 'none' and $usr->avatar!='') {
		if(ereg("^http://", $usr->avatar)) {
			$avatar = '<img src="'.$usr->avatar.'" border="0" alt="" />';
		}
		else {
			$avatar = '<img src="'.$conf['avatar_upload'].$usr->avatar.'" alt="" />';
		}
	}

	//group
	$group_ = get_group_info_by_gid($usr->gid);

	//rank
	$rank=get_rank($usr->gid, $usr->points);
	$rank_image='<img src="'.$rank['path'].'" alt="'.$rank['name'].'" />';

	//email
	$mail=explode("@", $usr->mail);

	//signature
	$signature=read_text_comments($usr->signature);

	//name
	$name=read_text_rest($usr->name);

	//surname
	$surname=read_text_rest($usr->surname);

	//www
	$www=read_text_rest($usr->website);

	//gg
	$gg=read_text_rest($usr->gg);

	//o2
	$o2=read_text_rest($usr->o2);

	//icq
	$icq=read_text_rest($usr->icq);

	//points
	$points=read_text_rest($usr->points);

	//location
	$location=read_text_rest($usr->location);

	//f1
	$f1=read_text_rest($usr->f1);

	//f2
	$f2=read_text_rest($usr->f2);

	//f3
	$f3=read_text_rest($usr->f3);

	//f4
	$f4=read_text_rest($usr->f4);

	$content=string_template(read_file('users_info.php'), array('theme_path'=>$GLOBALS['theme_path'], 'login'=>read_text_rest($usr->login), 'avatar'=>$avatar, 'rank_image'=>$rank_image, 'rank'=>$rank['name'], 'group_name'=>read_text_rest($group_->name), 'group_color'=>$group_->color, 'group_prefix'=>$group_->prefix, 'group_id'=>$group_->id, 'name'=>$name, 'surname'=>$surname, 'reg_date'=>$usr->reg_date, 'www'=>$www, 'gg'=>$gg, 'o2'=>$o2, 'icq'=>$icq, 'points'=>$points, 'location'=>$location, 'mail1'=>$mail[0], 'mail2'=>$mail[1], 'user_id'=>$usr->id, 'f1'=>$f1, 'f2'=>$f2, 'f3'=>$f3, 'f4'=>$f4, 'signature'=>$signature));

	$description = string_template($GLOBALS['lang']['users']['profile'], array("user" => read_text_rest($usr->login)));
} else {
	$fields=array('id', 'mail', 'login', 'name', 'gid', 'surname');

	//sort
	if($_GET['sort']!='ASC' && $_GET['sort'] != 'DESC')
		$_GET['sort']='ASC';
	if(!$_GET['sortby'] or !in_array($_GET['sortby'], $fields))
		$_GET['sortby']='login';
	if($_GET['sort']=='ASC')
		$sortnext='DESC';
	else
		$sortnext='ASC';
	//

	//dla wyszukiwarki
	if($_POST['search'] or $_GET['search']) {
		if($_GET['search'])
			$_POST['search']=$_GET['search'];

		$_POST['search']=read_text_rest($_POST['search']);

		$srch=str_replace('*', '%', $_POST['search']);//* na % dla znaków dowolnych
		$srch="WHERE login LIKE '$srch' or name LIKE '$srch' or surname LIKE '$srch' && active=1";
	}
	else
		$srch="WHERE active=1";

	if($_GET['gid'])
		$srch.=" && gid=".$_GET['gid'];
	//

	//dla stron
	SQLvalidate($_GET['rec']);
	if(!$_GET['rec'])
		$_GET['rec']=0;
	//

	$db->query("SELECT * FROM $conf[prefix_users]users $srch") or $db2->err(__FILE__, __LINE__);
	$q=$db->num_rows();

	$content=string_template(read_file('users_header.php'), array('theme_path'=>$GLOBALS['theme_path'], 'sortnext' => $sortnext));

	$db->query("SELECT * FROM $conf[prefix_users]users $srch ORDER by $_GET[sortby] $_GET[sort] LIMIT $_GET[rec], $conf[users_per_page]") or $db->err(__FILE__, __LINE__);
	if($db->num_rows() == 0)
		$content.=string_template(read_file('users_no_item.php'), array('theme_path'=>$GLOBALS['theme_path']));

	while($usr = $db->fetch_object()) {
		$i++;
		if($i>2)
			$i=1;
		$gname=groups_get_name_by_id($usr->gid);
		$content.=string_template(read_file('users_item.php'), array('theme_path'=>$GLOBALS['theme_path'], 'author'=>get_user_overlib_by_id($usr->id), 'i'=>$i, 'id'=>$usr->id, 'login'=>$usr->login, 'name'=>read_text_rest($usr->name), 'surname'=>read_text_rest($usr->surname), 'gname'=>$gname, 'gid'=>$usr->gid));
	}

	//page_link
	$page_link=split_to_pages('<a href="index.php?module=users&search='.$_POST['search'].'&sortby='.$_GET['sortby'].'&sort='.$_GET['sort'].'&amp;rec={rec}">{nr}</a>', $conf['users_per_page'], $q, $_GET['rec']);

	$content.=string_template(read_file('users_footer.php'), array('theme_path'=>$GLOBALS['theme_path'], 'page_link'=>$page_link ,'sortnext' => $sortnext));
	$description = string_template($GLOBALS['lang']['users']['list'], array("user" => ""));
}

$content=string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'description'=>$description, 'content' => $content));

//generating menus (what, template)
$menu_left=menu('left', 'left');
$menu_right=menu('right', 'right');
$menu_top=menu('top', 'top');
//

//site_generation_time
$GLOBALS['time_end'] = microtime(1);
$site_generation_time=abs(round($GLOBALS['time_end']-$GLOBALS['time_start'], 3));
//

//creating template
$tpl=new tpl;
//header
$tpl->create('header.php', array('title' => $GLOBALS['lang']['global']['site_title'], 'description' => $GLOBALS['lang']['global']['site_description'], 'keywords' => $GLOBALS['lang']['global']['site_keywords'], 'theme_path'=>$GLOBALS['theme_path'], 'menu_top' => $menu_top));
//body
//body
$tpl->create('body.php', array('theme_path' => $GLOBALS['theme_path'], 'menu_top' => $menu_top, 'menu_left' => $menu_left, 'menu_right' => $menu_right, 'content' => $content));
//footer
$tpl->create('footer.php', array('site_generation_time' => string_template($GLOBALS['lang']['global']['site_generation_time'], array('site_generation_time'=>$site_generation_time, 'queries'=>$db->query_count())), 'theme_path'=>$GLOBALS['theme_path'], 'copyright' => $GLOBALS['lang']['global']['site_copyright'], 'queries'=>$db->query_count()));
//parse
$tpl->parse();
?>
